7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.045 Low
EPSS
Percentile
92.5%
Updated pdns and pdns-recursor packages fix security vulnerability: A bug was discovered in the label decompression code in PowerDNS and PowerDNS Recursor, making it possible for names to refer to themselves, thus causing a loop during decompression. On some platforms, this bug can be abused to cause crashes. On all platforms, this bug can be abused to cause service-affecting CPU spikes (CVE-2015-1868). The pdns package has been updated to version 3.3.2 and the pdns-recursor package has been updated to version 3.6.3 to fix this issue and other bugs.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 4 | noarch | pdns | < 3.3.2-1 | pdns-3.3.2-1.mga4 |
Mageia | 4 | noarch | pdns-recursor | < 3.6.3-1 | pdns-recursor-3.6.3-1.mga4 |